From f06aa8058b7e32ba32d4551074b6e0b8a300f751 Mon Sep 17 00:00:00 2001
From: Thomas Bruederli <thomas@roundcube.net>
Date: Mon, 21 Oct 2013 15:02:40 -0400
Subject: [PATCH] Bump version after security fix
---
 program/include/rcube_cache.php | 75 ++++++++++++++++++++++++++-----------
 1 files changed, 53 insertions(+), 22 deletions(-)
diff --git a/program/include/rcube_cache.php b/program/include/rcube_cache.php
index 204eaa5..299e655 100644
--- a/program/include/rcube_cache.php
+++ b/program/include/rcube_cache.php
@@ -7,7 +7,10 @@
 | This file is part of the Roundcube Webmail client |
 | Copyright (C) 2011, The Roundcube Dev Team |
 | Copyright (C) 2011, Kolab Systems AG |
- | Licensed under the GNU GPL |
+ | |
+ | Licensed under the GNU General Public License version 3 or |
+ | any later version with exceptions for skins & plugins. |
+ | See the README file for a full license statement. |
 | |
 | PURPOSE: |
 | Caching engine |
@@ -28,7 +31,7 @@
 * @package Cache
 * @author Thomas Bruederli <roundcube@gmail.com>
 * @author Aleksander Machniak <alec@alec.pl>
- * @version 1.0
+ * @version 1.1
 */
 class rcube_cache
 {
@@ -188,6 +191,24 @@
 /**
+ * Remove cache records older than ttl
+ */
+ function expunge()
+ {
+ if ($this->type == 'db' && $this->db) {
+ $this->db->query(
+ "DELETE FROM ".get_table_name('cache').
+ " WHERE user_id = ?".
+ " AND cache_key LIKE ?".
+ " AND " . $this->db->unixtimestamp('created')." < ?",
+ $this->userid,
+ $this->prefix.'.%',
+ time() - $this->ttl);
+ }
+ }
+
+
+ /**
 * Writes the cache back to the DB.
 */
 function close()
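Review bot: expunge() uses `time() - $this->ttl` as the DELETE cutoff with no guard on the ttl value, so if a cache instance can be created with a ttl of 0 (how ttl is assigned is not visible in this hunk) the call removes every record for that user and prefix instead of only stale ones. Consider tightening the condition to `if ($this->type == 'db' && $this->db && $this->ttl > 0) {`. The prefix is bound as a parameter, so the LIKE clause is not an injection problem, but `%` and `_` in a prefix are not escaped and a prefix containing `_` would also match sibling prefixes; a short comment stating that prefixes are expected to be plain identifiers would help. The docblock could also say that only the 'db' backend is expunged here.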
@@ -227,26 +248,30 @@
 return null;
 }
- if ($this->type == 'memcache') {
- $data = $this->db->get($this->ckey($key));
- }
- else if ($this->type == 'apc') {
- $data = apc_fetch($this->ckey($key));
- }
-
- if ($data) {
- $md5sum = md5($data);
- $data = $this->packed ? unserialize($data) : $data;
-
- if ($nostore) {
- return $data;
+ if ($this->type != 'db') {
+ if ($this->type == 'memcache') {
+ $data = $this->db->get($this->ckey($key));
 }
+ else if ($this->type == 'apc') {
+ $data = apc_fetch($this->ckey($key));
+ }
- $this->cache_sums[$key] = $md5sum;
- $this->cache[$key] = $data;
+ if ($data) {
+ $md5sum = md5($data);
+ $data = $this->packed ? unserialize($data) : $data;
+
+ if ($nostore) {
+ return $data;
+ }
+
+ $this->cache_sums[$key] = $md5sum;
+ $this->cache[$key] = $data;
+ }
+ else {
+ $this->cache[$key] = null;
+ }
 }
-
- if ($this->type == 'db') {
+ else {
 $sql_result = $this->db->limitquery(
 "SELECT cache_id, data, cache_key".
 " FROM ".get_table_name('cache').
@@ -271,6 +296,9 @@
 $this->cache[$key] = $data;
 $this->cache_sums[$key] = $md5sum;
 $this->cache_keys[$key] = $sql_arr['cache_id'];
+ }
+ else {
+ $this->cache[$key] = null;
 }
 }
@@ -436,10 +464,13 @@
 */
 private function delete_record($key, $index=true)
 {
- if ($this->type == 'memcache')
- $this->db->delete($this->ckey($key));
- else
+ if ($this->type == 'memcache') {
+ // #1488592: use 2nd argument
+ $this->db->delete($this->ckey($key), 0);
+ }
+ else {
 apc_delete($this->ckey($key));
+ }
 if ($index) {
 if (($idx = array_search($key, $this->index)) !== false) {
-- Gitblit v1.9.1
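Review bot: The memcache/APC branch still hands whatever the backend returns straight to `unserialize($data)`, and the `md5($data)` computed just before it is only a change-detection checksum, not an integrity check. If the cache backend is writable by anything other than this application (not determinable from the hunk), a tampered entry becomes a PHP object-injection input. I would at least add a comment above that line such as `// NOTE: cache backend is trusted here; unserialize() must never see data another party can write`, and on PHP 7+ restrict it with `unserialize($data, ['allowed_classes' => false])` if cached values never contain objects, which needs confirming against the callers. The enclosing function begins before and continues past this hunk.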
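Review bot: In the delete_record hunk the results of `$this->db->delete(...)` and `apc_delete(...)` are discarded, yet the code that follows goes on to look the key up in `$this->index`, presumably to drop it, so a failed delete could leave a stale record in the backend that the index no longer tracks. As the change presumably exists because delete() was failing (#1488592), consider capturing the result, e.g. `$ok = $this->db->delete($this->ckey($key), 0);`, and skipping the index update or logging when it is false. The new comment should also say why the argument is needed, for example `// #1488592: pass an explicit 0 timeout as 2nd argument; delete() fails without it on some setups` (wording to be confirmed against the ticket). The rest of delete_record lies outside the hunk.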